Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.squadra.work
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 07, 2025
Valid Until
January 05, 2026
45 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CC:2E:94:4C:C7:E9:07:D3:BC:52:58:F6:58:6A:70:6D:DB:96:8B:F5:9A:1E:A2:94:18:42:7D:06:09:3E:AC:03
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
think007.com
popcore.12traits.com
www.8kguvenlik.com
adamthesax.com
www.aircasa.in
alohaonrails.com
angelabricker.com
arbulator.com
www.arkoreltd.com
www.arnavjaiswal.com
v2.auditionmagic.com
infiniti-staging.autoroot.ca
us.test.atlascrm.avisi-apps.com
uat-verify.sandbox.beforepay.com.au
www.bertonebroker.com.br
v1.bhavit.dev
auth.bikegarage.cc
www.bingostallet.com
www.preview.bloksapps.com
www.britannia-apartments.com
brunolua.com
app.bubblybrain.ch
artisanlifepulse.bytekast.io
tracking.cargamos.com
www.cartoonfun.co.uk
cglyn.de
www.christianarthur.com
www.blog.sang.com.vn
www.coral-clinic.com
api.stg.cuddle.me
down.cuppazee.uk
link.curv.ai
www.cvl.ai
dative.me
devise.me
dev.devspear.com
pfg.dominos.ae
nest.dragon3h.win
economiagenuinamassey.com
elombekisala.com
www.fembelling.live
www.flitterdart.com
gnon.top
goliving.co
kitsap.impactwrap.com
ingestly.dev
itskamo.com
jannik-nordmann.de
kayinla87.com
d2lfull-dev.klarway.com
kreadisrupt.com
fitness.lewboxing.com
liormilgrom.com
askolcer.mahnuser.dev
moistspider.club
ccpa.moovstudio.cc
profile.mysideline.com.au
optix.nil-consulting.net
status.nor.by
member.nordveld.com
ohm-cloud.oni.bio
pabloarrastia.com
login.payfreee.com
app.pingpong.to
pipel.biz
i.planaraid.com
lok-jagaran-abhiyan-staging.pmprant.in
pricing.posible.in
link.stg1.quedemi.com
www.raagus.com
mn-live.realityapologetics.com
digitalizaciondgc.relex.ar
app.sas.org.uk
williams.dashi.sasaki.com
lbc.scheduly.org
www.sdetmexico.com
discover.seashels.com
sharez.one
www.link.shoofti.com
www.sinopiaolive.com
www.skillyheads.com
redaktion-schuch.splmns.xyz
app.squadra.work
santacloud.stnikolaus-wohlen.ch
surebak.com
analyticschangelog.taxbackinternational.com
confero-playground.televic.com
play.thezonerpg.com
trevis.com.br
app.ustraa.com
vignettepro.com
vinayvissh.com
assessment.voltaresearch.org
depit-orders.waiterpro.com
watching-order.com
app.weightplan.com
upload.workhere.com
yello.space
link.yoono.io
links.zeiken.cl
Other domains in certificate